package com.dys.controller;

import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

/**
 * @Author: 疾风
 * @ClassName: HelloSecurity
 * @Description: SpringSecurity测试
 * @CreateDate: 2024/12/12
 * @Version: v1.0.0
 */
@RestController
@RequestMapping(value = {"/hello"})
public class HelloSecurity {

    /**
     * 设置资源访问的权限：
     * @PreAuthorize():在方法执行前进行权限校验,作用是检查当前用户是否具有指定的权限
     * hasAuthority():检查用户是否有指定的权限
     * hasAuthority('test'):检查当前用户是否具有test的权限
     */
    @GetMapping(value = "/security")
    @PreAuthorize(value = "hasAuthority('test')")
    public String helloSecurity(){
        return "Hello Security";
    }
}
